This made me scratch my head, as the file system on the server is NTFS, so someone saving a file to a path longer than 260 including the filename would be unlikely. However I have previously seen backup software create this scenario, when backing up MacBooks to a Windows file server.

So first order of business, find the path with the problem.

Using psexec to run powershell as NT AUTHORITY\SYSTEM (to avoid access denied errors):

c:\>psexec -is powershell

and then running the following powershell command:

PS C:\> get-childitem -Recurse -ErrorAction STOP

it would only be a short time before the path was found.

But no joy. The command finished without errors.

So some more head scratching…

Using the backup application, I eventually found that the problem was in a users profile folder, more specifically once the backup application hit the “c:\users\theuser\AppData\Local\Application Data” folder it found another “Application Data” folder and then another underneath and another and another … until it hit the 1024 maximum and threw the error seen above

First the basics, from NT 6.0 (Vista and newer) this Application Data folder is actually a junction pointing to “c:\Users\theuser\AppData\Local”

If this permission is removed, for instance by an admin who does not know that it is supposed to be there, then a browse into the folder with Windows Explorer will actually create a new folder, so that we now have “c:\Users\theUser\Appdata\local\Application Data\Application Data”

Do this enough times and we hit the error with the backup application. The above nested folder creation can also happen when using Robocopy

But why did the simple powershell test not catch this. Well, that is because I am a dork, and forgot about the fact of hidden folders… the command should have been:

PS C:\> get-childitem -Recurse -Force -ErrorAction STOP

Well now that this is cleared up, a cleanup task is required to remove the broken application data folder, but how to do that. Using Windows explorer – error. Appears that the mischievous admin broke some more permissions. That is easy to fix. First take ownership:

C:\Users\theUser\AppData\Local> takeown /F * /A /R /D Y

then, reset permissions:

C:\Users\theUser\AppData\Local> icacls * /reset /T /Q

But that errors out as well.

So I need a program that ignores permissions and can delete these long paths, and any file which may reside in the folders. Robocopy can do that:

Don’t judge me by the fact that the .Synopsis part of the script takes up half the lines in the script, but not being a programmer by trade, I am trying to improve on my documentation skills (as well as making myself able to reuse the script once I have forgotten it’s original purpose)

The script can be easily modified to also remove certs from the target, which is not present on the source.

Ever found yourself in the situation where you wanted to delete a folder in Windows 7, but you can’t because it has special rights in some way?

An example of such a folder could be the %windir%\winsxs.

In my case I had attached a virtual disk file (.vmdk) from one virtual machine to a new virtual machine.

So I wanted to clean this disk of the unneeded Windows folder, but as this folder as well as most of the subfolders are owned by TrustedInstaller, not by the local Administrators group. For the %windir%\winsxs folder, the administrators group as well as the local system user (NT Authority\System) has only read access to the files.

In order to delete the folder you have to do two things:

Take ownership of the folder and files

Grant the required user at least write access to the folder and files so they can be deleted

The above can be done using the %windir%\system32\takeown.exe and the %windir%\system32\Icacls.exe

If doing this on one machine, then you could just run the respective command lines:

A word of caution, there is no error checking in the script, so if you target the %systemroot% (usually c:\windows), the rights will be altered. As the script only adds permissions, the impact is not that huge, if the folder is not deleted after. But the rights are set in this manner for a reason